Once again, a vulnerability in the popular Linksys WRT54GL router has demonstrated how session riding and cross-site request forgery (CSRF) work. An attacker can disable the firewall from outside with a single crafted link on a web site.